<?php
mysql_connect('localhost','root','');
mysql_select_db('administrasi15');
?>
<form action="" method="post">
	<input type="password" name="plama" placeholder="Password Lama" required> <br>
	<input type="password" name="pbaru" placeholder="Password Baru" required>
	<input type="submit" value="Simpan Perubahan" name="simpan">
</form>
<?php
if(isset($_POST['simpan'])){
		$admin=$_SESSION['namauser'];
		$password=$_SESSION['passuser'];
		$plama=md5($_POST['plama']);
		$pbaru=md5($_POST['pbaru']);
		if($plama==$password){
			$ubah=mysql_query("UPDATE users SET `password`='$pbaru' WHERE `user_id`='$admin'");
			if($ubah){
				echo "<script>alert('Password berhasil dirubah')</script>";
			}else{
				echo "<script>alert('Password gagal dirubah')</script>";
			}
		}
	
}
?>